In the field of computer-aided information management, it is strongly required that the protection against unauthorised access of data registers be increased, especially against violation of the individual's personal integrity when setting up and keeping personal registers, i.e. registers containing information on individuals. In particular, there are regulations restricting and prohibiting the linking and matching of personal registers. Also in other fields, such as industry, defence, banking, insurance, etc, improved protection is desired against unauthorised access to the tools, databases, applications etc. that are used for administration and storing of sensitive information.
WO95/15628, which has the same owner as the present application, discloses a method for storing data, which results in increased possibilities of linking and matching with no risk of reduced integrity. The method, which is illustrated schematically in FIGS. 1 and 2 on the enclosed drawing sheets, concerns storing of information comprising on the one hand an identifying piece of information or original identity OID, for instance personal code numbers Pcn and, on the other hand, descriptive information DI. The information OID+DI is stored as records P in a database O-DB according to the following principle:    Step 1 OID (Pcn) is encrypted by means of a first, preferably non-reversible algorithm ALG1 to an update identity UID;    Step 2 UID is encrypted by means of a second, reversible algorithm ALG2 to a storage identity SID;    Step 3 SID and DI are stored as a record P in the database O-DB, SID serving as a record identifier;    Step 4 At predetermined times, an alteration of SID in all or selected records P is accomplished by SID of these records being decrypted by means of a decrypting algorithm ALG3 to UID, whereupon UID is encrypted by means of a modified second, reversible algorithm or ALG2′ to a new storage identity SID′, which is introduced as a new record identifier in the associated record P as replacement for previous SID. This results in a security-enhancing “floating” alteration of SID of the records.
For a closer description of the details and advantages of this encrypting and storing method, reference is made to WO95/15628, which is to be considered to constitute part of the present description. The storing principle according to steps 1-4 above is below referred to as PTY, which is an abbreviation of the concept PROTEGRITY which stands for “Protection and Integrity”.
A detailed technical description of PTY is also supplied in the document “PROTEGRITY (ASIS) Study 2”, Ver. 1.2, 1 Mar. 1996, by Leif Jonson. Also this document is to be considered to constitute part of the present description.
In the technical field at issue, so-called shell protections, however, are today the predominant method of protection. Shell protection comprises on the one hand the external security (premises) and, on the other hand, an authorisation check system ACS with user's passwords for controlling the access. ACS is used as shell protection for main frames, client/server systems and PC, but it does not give full protection and the information at issue can often relatively easily be subjected to unauthorised access. This protection has been found more and more unsatisfactory since, to an increasing extent, “sensitive” information is being stored, which must permit managing via distribution, storing and processing in dynamically changing environments, especially local distribution to personal computers. Concurrently with this development, the limits of the system will be more and more indistinct and the effect afforded by a shell protection deteriorates.